CVEs from 2026
Total
13,301
critical
critical 1,106
high
high 3,919
medium
medium 3,976
low
low 415
% Critical
8.3%
% with KEV
0.4%
% with exploit
0.5%
Top products
- chrome 298
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 221
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-22417 | critical | 9.8 | 9.8 | 3mo ago | Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Wedding grandwedding allows Object Injection.This issue affects Grand Wedding: from n/a through < 3.1.11. | |
| CVE-2026-27820 | critical | 9.8 | 9.8 | 3mo ago | zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The z… | |
| CVE-2026-27446 | critical | 9.8 | 9.8 | 3mo ago | Apache Artemis and Apache ActiveMQ Artemis are Missing Authentication for Critical Functions | |
| CVE-2026-2590 | critical | 9.8 | 9.8 | 3mo ago | Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to p… | |
| CVE-2026-3413 | critical | 9.8 | 9.8 | 3mo ago | A flaw has been found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /admin_single_student.php. This manipulation of the argument ID causes sql … | |
| CVE-2026-3411 | critical | 9.8 | 9.8 | 3mo ago | A security vulnerability has been detected in itsourcecode University Management System 1.0. Affected by this issue is some unknown functionality of the file /admin_single_student_update.php. The man… | |
| CVE-2026-3410 | critical | 9.8 | 9.8 | 3mo ago | A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/check_studid.php. Executing a manipulation … | |
| CVE-2026-3406 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The mani… | |
| CVE-2026-3395 | critical | 9.8 | 9.8 | 3mo ago | A flaw has been found in MaxSite CMS up to 109.1. This impacts the function eval of the file application/maxsite/admin/plugins/editor_markitup/preview-ajax.php of the component MarkItUp Preview AJAX … | |
| CVE-2026-28517 | critical | 9.8 | 9.8 | 3mo ago | openDCIM version 23.04, through commit 4467e9c4, contains an OS command injection vulnerability in report_network_map.php. The application retrieves the 'dot' configuration parameter from the databas… | |
| CVE-2026-24352 | critical | 9.8 | 9.8 | 3mo ago | PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID… | |
| CVE-2026-3289 | critical | 9.8 | 9.8 | 3mo ago | A weakness has been identified in Sanluan PublicCMS 6.202506.d. This impacts the function saveMetadata of the file TemplateCacheComponent.java of the component Template Cache Generation. Executing a … | |
| CVE-2026-3287 | critical | 9.8 | 9.8 | 3mo ago | A security flaw has been discovered in youlaitech youlai-mall 2.0.0. This affects the function listPagedSpuForApp of the file mall-pms/pms-boot/src/main/java/com/youlai/mall/pms/controller/app/SpuCon… | |
| CVE-2026-20797 | critical | 9.8 | 9.8 | 3mo ago | A stack based buffer overflow exists in an API route of XWEB Pro version 1.12.1 and prior, enabling unauthenticated attackers to cause stack corruption and a termination of the program. | |
| CVE-2026-3261 | critical | 9.8 | 9.8 | 3mo ago | A flaw has been found in itsourcecode School Management System 1.0. This impacts an unknown function of the file /settings/index.php of the component Setting Handler. This manipulation of the argumen… | |
| CVE-2026-3187 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this issue is some unknown functionality of the file /api/admin/sys-file/upload of the component API Endpoi… | |
| CVE-2026-3164 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was found in itsourcecode News Portal Project 1.0. This issue affects some unknown processing of the file /admin/contactus.php. The manipulation of the argument pagetitle results in s… | |
| CVE-2026-3153 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability has been found in itsourcecode Document Management System 1.0. Impacted is an unknown function of the file /register.php. Such manipulation of the argument Username leads to sql injec… | |
| CVE-2026-3152 | critical | 9.8 | 9.8 | 3mo ago | A flaw has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/teacher-salary.php. This manipulation of the argument teacher_id cau… | |
| CVE-2026-3151 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was detected in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /login/login.php. The manipulation of the argument email results in sql… | |
| CVE-2026-3148 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes … | |
| CVE-2026-3135 | critical | 9.8 | 9.8 | 3mo ago | A weakness has been identified in itsourcecode News Portal Project 1.0. The impacted element is an unknown function of the file /admin/add-category.php. This manipulation of the argument Category cau… | |
| CVE-2026-3134 | critical | 9.8 | 9.8 | 3mo ago | A security flaw has been discovered in itsourcecode News Portal Project 1.0. The affected element is an unknown function of the file /newsportal/admin/edit-category.php. The manipulation of the argum… | |
| CVE-2026-3133 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability has been found in itsourcecode Document Management System 1.0. This issue affects some unknown processing of the file /loging.php of the component Login. The manipulation of the argum… | |
| CVE-2026-2786 | critical | 9.8 | 9.8 | 3mo ago | Important: thunderbird security update | |
| CVE-2026-3069 | critical | 9.8 | 9.8 | 3mo ago | A security vulnerability has been detected in itsourcecode Document Management System 1.0. Affected is an unknown function of the file /edtlbls.php. The manipulation of the argument field1 leads to s… | |
| CVE-2026-3068 | critical | 9.8 | 9.8 | 3mo ago | A weakness has been identified in itsourcecode Document Management System 1.0. This impacts an unknown function of the file /deluser.php. Executing a manipulation of the argument user2del can lead to… | |
| CVE-2026-3057 | critical | 9.8 | 9.8 | 3mo ago | A security flaw has been discovered in a54552239 pearProjectApi up to 2.8.10. Affected is the function dateTotalForProject of the file application/common/Model/Task.php of the component Backend Inter… | |
| CVE-2026-3053 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was determined in DataLinkDC dinky up to 1.2.5. This affects the function addInterceptors of the file dinky-admin/src/main/java/org/dinky/configure/AppConfig.java of the component Ope… | |
| CVE-2026-3046 | critical | 9.8 | 9.8 | 3mo ago | A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This vulnerability affects unknown code of the file /check_profile_old.php. The ma… | |
| CVE-2026-3042 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was detected in itsourcecode Event Management System 1.0. The affected element is an unknown function of the file /admin/index.php. Performing a manipulation of the argument ID result… | |
| CVE-2026-3025 | critical | 9.8 | 9.8 | 3mo ago | A flaw has been found in ShuoRen Smart Heating Integrated Management Platform 1.0.0. Affected by this vulnerability is an unknown functionality of the file /MP/Service/Webservice/ExampleNodeService.a… | |
| CVE-2026-2983 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was determined in SourceCodester Student Result Management System 1.0. The impacted element is an unknown function of the file /admin/core/import_users.php of the component Bulk Impor… | |
| CVE-2026-2964 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was identified in higuma web-audio-recorder-js 0.1/0.1.1. Impacted is the function extend in the library lib/WebAudioRecorder.js of the component Dynamic Config Handling. Such manipul… | |
| CVE-2026-2954 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was found in Dromara UJCMS 10.0.2. Impacted is the function importChanel of the file /api/backend/ext/import-data/import-channel of the component ImportDataController. Performing a ma… | |
| CVE-2026-2952 | critical | 9.8 | 9.8 | 3mo ago | A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/tree_server.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxar… | |
| CVE-2026-2944 | critical | 9.8 | 9.8 | 3mo ago | A security flaw has been discovered in Tosei Online Store Management System ネット店舗管理システム 1.01. Affected is the function system of the file /cgi-bin/monitor.php of the component HTTP POST Request Handl… | |
| CVE-2026-2912 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was found in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/students/assessments/results/studentresult-view.php. The manipulation… | |
| CVE-2026-2867 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was determined in itsourcecode Vehicle Management System 1.0. Affected is an unknown function of the file /billaction.php. Executing a manipulation of the argument ID can lead to sql … | |
| CVE-2026-2865 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was found in itsourcecode Agri-Trading Online Shopping System 1.0. This impacts an unknown function of the file admin/productcontroller.php of the component HTTP POST Request Handler.… | |
| CVE-2026-2848 | critical | 9.8 | 9.8 | 3mo ago | A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=register of the component R… | |
| CVE-2026-26725 | critical | 9.8 | 9.8 | 3mo ago | An issue in edu Business Solutions Print Shop Pro WebDesk v.18.34 (fixed in 19.76) allows a remote attacker to escalate privileges via the AccessID parameter. | |
| CVE-2026-22384 | critical | 9.8 | 9.8 | 3mo ago | Deserialization of Untrusted Data vulnerability in leafcolor Applay - Shortcodes applay-shortcodes allows Object Injection.This issue affects Applay - Shortcodes: from n/a through <= 3.7. | |
| CVE-2026-2691 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability has been found in itsourcecode Event Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/manage_register.php. Such manipulation of the argum… | |
| CVE-2026-2690 | critical | 9.8 | 9.8 | 3mo ago | A flaw has been found in itsourcecode Event Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login of the component Admin Login. Th… | |
| CVE-2026-2689 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was detected in itsourcecode Event Management System 1.0. Affected is an unknown function of the file /admin/manage_booking.php. The manipulation of the argument ID results in sql inj… | |
| CVE-2026-2684 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was determined in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(62532). The impacted element is an unknown function of the file /Archive/ErecordManage/uploadFile.html.… | |
| CVE-2026-2682 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(62532). Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such… | |
| CVE-2026-2654 | critical | 9.8 | 9.8 | 3mo ago | Hugging Face Smolagents has a Server-Side Request Forgery issue | |
| CVE-2026-2616 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability has been found in Beetel 777VR1 up to 01.00.09. The impacted element is an unknown function of the component Web Management Interface. The manipulation leads to hard-coded credentials… | |
| CVE-2026-2528 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was identified in Wavlink WL-WN579A3 up to 20210219. Affected by this vulnerability is the function Delete_Mac_list of the file /cgi-bin/wireless.cgi. The manipulation of the argument… | |
| CVE-2026-2527 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was determined in Wavlink WL-WN579A3 up to 20210219. Affected is an unknown function of the file /cgi-bin/login.cgi. Executing a manipulation of the argument key can lead to command i… | |
| CVE-2026-23112 | critical | 9.8 | 9.8 | 3mo ago | In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_iovec() could walk past cmd->req.sg when a PDU leng… | |
| CVE-2026-2225 | critical | 9.8 | 9.8 | 4mo ago | A flaw has been found in itsourcecode News Portal Project 1.0. This vulnerability affects unknown code of the file /admin/index.php of the component Administrator Login. This manipulation of the argu… | |
| CVE-2026-2223 | critical | 9.8 | 9.8 | 4mo ago | A security vulnerability has been detected in code-projects Online Reviewer System 1.0. Affected by this issue is some unknown functionality of the file /system/system/students/assessments/pretest/ta… | |
| CVE-2026-2221 | critical | 9.8 | 9.8 | 4mo ago | A security flaw has been discovered in code-projects Online Reviewer System 1.0. Affected is an unknown function of the file /login/index.php of the component Login. Performing a manipulation of the … | |
| CVE-2026-2220 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was identified in code-projects Online Reviewer System 1.0. This impacts an unknown function of the file /system/system/admins/assessments/pretest/btn_functions.php. Such manipulation… | |
| CVE-2026-2217 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in itsourcecode Event Management System 1.0. The impacted element is an unknown function of the file /admin/manage_user.php. The manipulation of the argument ID results in s… | |
| CVE-2026-1615 | critical | 9.8 | 9.8 | 4mo ago | jsonpath has Arbitrary Code Injection via Unsafe Evaluation of JSON Path Expressions | |
| CVE-2026-2212 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was identified in code-projects Online Music Site 1.0. Affected by this vulnerability is an unknown functionality of the file /Administrator/PHP/AdminEditCategory.php. The manipulatio… | |
| CVE-2026-2211 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was determined in code-projects Online Music Site 1.0. Affected is an unknown function of the file /Administrator/PHP/AdminDeleteCategory.php. Executing a manipulation of the argument… | |
| CVE-2026-2199 | critical | 9.8 | 9.8 | 4mo ago | A security flaw has been discovered in code-projects Online Reviewer System 1.0. The impacted element is an unknown function of the file /reviewer/system/system/admins/manage/users/user-delete.php. P… | |
| CVE-2026-2198 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was identified in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /system/system/admins/assessments/pretest/loaddata.php. Such manipu… | |
| CVE-2026-2197 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was determined in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/admins/assessments/pretest/exam-delete.php. This manipulation of… | |
| CVE-2026-2196 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in code-projects Online Reviewer System 1.0. This issue affects some unknown processing of the file /system/system/admins/assessments/pretest/exam-update.php. The manipulati… | |
| CVE-2026-2195 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability has been found in code-projects Online Reviewer System 1.0. This vulnerability affects unknown code of the file /system/system/admins/assessments/pretest/questions-view.php. The manip… | |
| CVE-2026-2190 | critical | 9.8 | 9.8 | 4mo ago | A security flaw has been discovered in itsourcecode School Management System 1.0. This impacts an unknown function of the file /ramonsys/user/controller.php. The manipulation of the argument ID resul… | |
| CVE-2026-2189 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was identified in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/report/index.php. The manipulation of the argument ay leads to sql … | |
| CVE-2026-2172 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was determined in code-projects Online Application System for Admission 1.0. Affected by this vulnerability is an unknown functionality of the file enrollment/index.php of the compone… | |
| CVE-2026-2171 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in code-projects Online Student Management System 1.0. Affected is an unknown function of the file accounts.php of the component Login. Performing a manipulation of the argu… | |
| CVE-2026-2166 | critical | 9.8 | 9.8 | 4mo ago | A security vulnerability has been detected in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /login/index.php of the component Login. The manipulati… | |
| CVE-2026-2165 | critical | 9.8 | 9.8 | 4mo ago | A weakness has been identified in detronetdip E-commerce 1.0.0. Impacted is an unknown function of the file /Admin/assets/backend/seller/add_seller.php of the component Account Creation Endpoint. Exe… | |
| CVE-2026-2164 | critical | 9.8 | 9.8 | 4mo ago | A security flaw has been discovered in detronetdip E-commerce 1.0.0. This issue affects some unknown processing of the file /seller/assets/backend/profile/addadhar.php. Performing a manipulation of t… | |
| CVE-2026-2161 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in itsourcecode Directory Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/forget-password.php. The manipulation of the argumen… | |
| CVE-2026-2136 | critical | 9.8 | 9.8 | 4mo ago | A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a manipulation of the argument ID can lead to sql inje… | |
| CVE-2026-2133 | critical | 9.8 | 9.8 | 4mo ago | A weakness has been identified in code-projects Online Music Site 1.0. Impacted is an unknown function of the file /Administrator/PHP/AdminUpdateCategory.php. This manipulation of the argument txtima… | |
| CVE-2026-2132 | critical | 9.8 | 9.8 | 4mo ago | A security flaw has been discovered in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Administrator/PHP/AdminUpdateCategory.php. The manipulation of the … | |
| CVE-2026-2122 | critical | 9.8 | 9.8 | 4mo ago | A security flaw has been discovered in Xiaopi Panel up to 20260126. This impacts an unknown function of the file /demo.php of the component WAF Firewall. The manipulation of the argument ID results i… | |
| CVE-2026-2117 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/edit_activity.php. Performing a manipulation of the argument ac… | |
| CVE-2026-2116 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability has been found in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/edit_expenses.php. Such manipulation of the argument expenses_id leads… | |
| CVE-2026-2115 | critical | 9.8 | 9.8 | 4mo ago | A flaw has been found in itsourcecode Society Management System 1.0. This issue affects some unknown processing of the file /admin/delete_expenses.php. This manipulation of the argument expenses_id c… | |
| CVE-2026-2114 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was detected in itsourcecode Society Management System 1.0. This vulnerability affects unknown code of the file /admin/edit_admin.php. The manipulation of the argument admin_id result… | |
| CVE-2026-2113 | critical | 9.8 | 9.8 | 4mo ago | A security vulnerability has been detected in yuan1994 tpadmin up to 1.3.12. This affects an unknown part in the library /public/static/admin/lib/webuploader/0.1.5/server/preview.php of the component… | |
| CVE-2026-2090 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was determined in SourceCodester Online Class Record System 1.0. This issue affects some unknown processing of the file /admin/message/search.php. Executing a manipulation of the argu… | |
| CVE-2026-2089 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/controller.php. Performing a manipulation of the argumen… | |
| CVE-2026-2088 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/accepted-appointment.php. Such manipulation of the argument delid le… | |
| CVE-2026-2087 | critical | 9.8 | 9.8 | 4mo ago | A flaw has been found in SourceCodester Online Class Record System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. This manipulation of the argument user_email… | |
| CVE-2026-2083 | critical | 9.8 | 9.8 | 4mo ago | A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file /delete_post.php. Performing a manipulation of the argument ID results in… | |
| CVE-2026-2073 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/user/index.php. Executing a manipulation of the argument ID can lea… | |
| CVE-2026-2060 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in code-projects Simple Blood Donor Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /simpleblooddonor/editcampaignform.php. Per… | |
| CVE-2026-2059 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability has been found in SourceCodester Medical Center Portal Management System 1.0. Affected is an unknown function of the file /emp_edit1.php. Such manipulation of the argument ID leads to… | |
| CVE-2026-2058 | critical | 9.8 | 9.8 | 4mo ago | A flaw has been found in mathurvishal CloudClassroom-PHP-Project up to 5dadec098bfbbf3300d60c3494db3fb95b66e7be. This impacts an unknown function of the file /postquerypublic.php of the component Pos… | |
| CVE-2026-2057 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was detected in SourceCodester Medical Center Portal Management System 1.0. This affects an unknown function of the file /login.php. The manipulation of the argument User results in s… | |
| CVE-2026-2018 | critical | 9.8 | 9.8 | 4mo ago | A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injecti… | |
| CVE-2026-2014 | critical | 9.8 | 9.8 | 4mo ago | A security flaw has been discovered in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /ramonsys/billing/index.php. Performing a manipulation of the argument … | |
| CVE-2026-2013 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was identified in itsourcecode Student Management System 1.0. This affects an unknown function of the file /ramonsys/soa/index.php. Such manipulation of the argument ID leads to sql i… | |
| CVE-2026-2012 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was determined in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /ramonsys/facultyloading/index.php. This manipulation of the argu… | |
| CVE-2026-2011 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /ramonsys/enrollment/controller.php. The manipulation of the argument … | |
| CVE-2026-1813 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Tem… | |
| CVE-2026-1812 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component F… |